debian+LVM+crypt系统恢复过程

debian+LVM+crypt系统恢复过程

第一贴:

一不小心把/boot分区给rm -r 了。笔记本,光驱坏掉了,教育网内,校内有网关
先后试过以下方法:

1. 恢复文件。重新以只读方式挂载/boot,使用debugfs,给出信息不能显示内容,具体信息内容忘了,大意是这样,lsdel也毫无结果,于是想起

2. 没准用新立得重装一下kernel就可以恢复,没等装完机器就自动重启了( 机器太老,过热了)。这下是进不去系统了

3. 在移动硬盘上新建一个Debian, 进入后在原系统的硬盘上装grub, 将原系统的/boot所在分区挂在新系统下,将新系统的/boot内容复制了过去。(这下在原磁盘上恢复数据的希望更小了),然而还是不能引导

问题1的显示信息复现:

deb402:/home/cyh# debugfs /dev/sda3
debugfs 1.40-WIP (14-Nov-2006)
/dev/sda3: Bad magic number in super-block while opening filesystem
debugfs:  lsdel
lsdel: Filesystem not open
debugfs:  open /dev/sda3
/dev/sda3: Bad magic number in super-block while opening filesystem
debugfs:

然后在debian-user-list上发问:

help: remove /boot by mistake and the partitions /,/usr,/home on are in LVM and/or crypt

A lap-top with two OSes: WindowsXP and Debian/Linux R4.0 Ecth. Under Debian, I removed all the subdirectories and files of /boot by mistake, and want to rescue the system. The harddisk partition of the interest system on is

##BEGIN
Disk /dev/hda: 60.0 GB, 60011642880 bytes
255 heads, 63 sectors/track, 7296 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks   Id  System
/dev/hda1   *           1        1084     8707198+   7  HPFS/NTFS
/dev/hda2            1085        2016     7486290   83  Linux
/dev/hda3            2017        2028       96390   83  Linux
/dev/hda4            2029        7296    42315210    5  Extended
/dev/hda5            2029        2150      979933+  8e  Linux LVM
/dev/hda6            2151        2393     1951866   83  Linux
/dev/hda7            2394        3366     7815591   83  Linux
/dev/hda8            3367        3731     2931831   8e  Linux LVM
/dev/hda9            3732        5555    14651248+  8e  Linux LVM
/dev/hda10           5556        5682     1020096   8e  Linux LVM
/dev/hda11           5683        5810     1028128+  8e  Linux LVM
/dev/hda12           5811        5937     1020096   8e  Linux LVM
/dev/hda13           5938        7296    10916136    b  W95 FAT32
##END

and /etc/fstab:

##BEGIN
# /etc/fstab: static file system information.
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
proc            /proc           proc    defaults        0       0
/dev/mapper/hda6_crypt /               reiserfs notail          0       1
/dev/hda3       /boot           reiserfs notail          0       2
/dev/mapper/hda7_crypt /usr            reiserfs defaults        0       2
/dev/mapper/home_crypt /home        ext3        defaults        0        0
/dev/mapper/swap_crypt        none        swap        sw        0        0
/dev/hdc        /media/cdrom0   udf,iso9660 user,noauto     0       0
/dev/hda2          /mnt/multimedia        reiserfs        defaults        0        2
/dev/vgresource/lvresource        /mnt/resource        ext3        defaults        0        2
#/dev/hda1        /mnt/hda1        ntfs        defaults        0        0
/dev/hda13        /mnt/hda13        vfat        iocharset=utf8,rw,auto,user,umask=0        0        0
##END

and /etc/crypttab:

##BEGIN
hda6_crypt /dev/hda6 none luks
swap_crypt /dev/vgswap/lvswap /dev/random swap
hda7_crypt /dev/hda7 none luks
home_crypt /dev/vghome/lvhome none luks
##END

where the PVs of vghome are hda8, hda10, hda11 and hda12. The PV(s) of vgresource are hda9.

I tried to make a new installation of basic Debian/Linux system on another harddisk and attached the harddisk which the broken system on as a mobile harddisk (use USB line). The subdirctory and files of /boot of the new system were copied to the corresponding place of old one and reinstalled GRUB on the harddisk and modified device.map and menu.1st. After doing so, boot from the harddisk, the last screen display gives:

##BEGIN
Begin: Mounting root file system ... ...
Begin: Running /scripts/local-top ... ...
device-mapper: ioctl: 4.7.0 - ioctl (2006-06-24) initialised: dm-devel@redhat.com
Done
Begin: Waiting for root filesystem ... ...
Done
        Check root= bootarg cat /proc/cmdline
        or missing modules, devices: cat /proc/modules ls /dev
ALERT! /dev/mapper/hda6_crypt does not exist. Dropping to a shell


BusyBox v1.1.3 (Debian 1:1.1.3-4) Built-in shell (ash)
Enter 'help' for a list of built-in commands

/bin/sh: can't access tty; job control turned off
(initramfs) _
##END

PS:
1. Though I could access most files even those on the crypted partations of the broken system and now I have another new system, I really want to rescue and use the old one.
2. After I mistakenly 'rm -r /boot' on the old system, I've tried several rescue ways:
        1). undelete: remount /dev/hda3 readonly,
            # debugfs /dev/hda3
                debugfs 1.40-WIP (14-Nov-2006)
                /dev/hda3: Bad magic number in super-block while opening filesystem
                debugfs:  lsdel
                lsdel: Filesystem not open
                debugfs:  open /dev/hda3
                /dev/hda3: Bad magic number in super-block while opening filesystem
                debugfs:
        Then I gave up. And try
        2). reinstall kernel using "synaptic", the machine halted at the last minute because overheat (almost complete the                         kernel reinstallation. :-( old computer, about 5 years, and the CPU is AMD Athlon 1800+ Mobile).

The guy on debian-user list told me that

###########
That won't work, you need to regenerate an initrd that matches the
system you're trying to boot with it. Boot the broken system in
rescue mode, chroot to it and reinstall the kernel, that should
do it.
############

The case to me now is that my CD drive may not
work. It works in a very low probability. It 's not easy to find a cd
drive fit to my laptop or a portable USB cd drive. I wonder if the
following ways could fix the broken system:

1. modify an exist initrd in the new system and cp it to the old one.
I've done 'cpio -i --make-directories < initrd.img' but I don't know
how to do next.
2. try again and again till the CD drive work and boot from debian cd
in rescue mode, then do like he have mentioned. I wonder if the
installation program can find my installed system because the
partitions except /dev/hda3 the system on were crypted.
3. use the /boot files now I have, and when the system boot to
"(initramfs) _" and use the built-in shell to fix the system. I've not
tried this yet.

Do them work, or some advices or points?

What should I do next? Thanks in advance!
最后:

先在移动硬盘的系统上做了个可引导U盘,然后用它引导在原windowsXP所在分区/dev/hda1上又装了一个debian。(这样做的原因是机器动不动就过热死掉,同时挂两个硬盘时风扇声大的吓人)
在新系统中先进入加密的原/home所在分区(即/dev/mapper/home_crypt)把数据backup 到vfat分区(/dev/hda2,数据是多年的积累,非常重要):

在single user 模式下

# cryptsetup luksOpen /dev/mapper/home_crypt

据提示键入口令,然后挂载,备份

# mkdir /mnt/tmp2
# mount /dev/mapper/home_crypt /mnt/tmp2
# tar -czvvf home_chen_backup.tar.gz /mnt/tmp2/chen
# mv home_chen_backup.tar.gz /mnt/hda2
# umount /mnt/tmp2

然后

# cryptsetup luksOpen /dev/mapper/hda6_crypt  (注:原/所在分区)
据提示键入口令
# cryptsetup luksOpen /dev/mapper/hda7_crypt (注:原/usr所在分区)
据提示键入口令

# mkdir /mnt/tmp1
# mount /dev/mapper/hda6_crypt /mnt/tmp1
# mount /dev/mapper/hda7_crypt /mnt/tmp1/usr
# mount /dev/mapper/home_crypt /mnt/tmp1/home
# mount /dev/hda3 /mnt/tmp1/boot
# cp -R /boot/* /mnt/tmp1/boot/
# chroot /mnt/tmp1
# vim boot/grub/menu.1st
完成后检查/etc/fstab是否要做相应修改
# grub
grub > root (hd0,2)
grub > setup (hd0)
grub > quit

# exit

# reboot

重新启动后就可选择进入原系统了,不过有点小问题:原系统的swap分区也是Lvm且加密的,但在装临时系统时给改了,所以在上面的操作中有修改/etc/fstab这一步。然而进入系统时仍提示无法找到vgswap。

要想再用加密的swap分区,以下步骤即可:

1) 重启进入single mode
2) 关掉swap (deactivate swap)
        # swapoff -a
3) 加密:
        # cryptsetup create -d /dev/random swap_crypt /dev/vgswap/lvswap
此处操作见howto,也可man了解。同时可以看出原swap分区已经采用LVM。
4) 建立ext3文件系统(可省略,下面步骤可代为完成)
        # mkfs.ext3 /dev/mapper/swap_crypt

        # mkswap /dev/mapper/swap_crypt
5) 修改/etc/fstab
        将<type>为swap的那行改为:
        /dev/mapper/swap_crypt  none    swap    sw      0       0
6)启用该加密分区
        # /etc/init.d/cryptdisks start
7) 激活交换分区
        # swapon -a
回想起来,走了不少弯路,也学到不少东西。其实,最简单的方法是用debugreiserfs, 不过这是后来发现的,也没试